﻿<?php
$edit_url	=	"?act=list_album";
if ($del_id) {
	acp_check_permission('del_album');
	if ($_POST['submit']) {
		$mysql->query("DELETE FROM ".$tb_prefix."album WHERE album_id = '".$del_id."'");
		echo "Ðã xóa xong <meta http-equiv='refresh' content='0;url=".$edit_url."'>";
		exit();
	}
	?><table align=center><form method="post">Bạn có muốn xóa không ??????<br><center><input value="Có" name=submit type=submit class=submit></center></form></table><?
}
if($mode == 'edit') {
acp_check_permission('edit_album');
	if(is_numeric($id)) {
		$sql	=	"SELECT * FROM ".$tb_prefix."album WHERE album_id = $id";
		$query	=	$mysql->query($sql);
			if($mysql->num_rows($query)) {
				$row		=	$mysql->fetch_array($query);
				$album_ID	=	$row['album_id'];
				$album_NAME	=	$row['album_name'];
				$singer_ID	=	$row['album_singer'];
				$album_IMG	=	$row['album_img'];
				$album_INFO	=	$row['album_info'];
				$action	=	"?act=album&mode=edit&id=$id";
				if(isset($_POST['submit'])) {
					$album		 = m_htmlchars(stripslashes(trim(urldecode($_POST['name']))));
					$album_ascii  = strtolower(utf8_to_ascii($album));
					if($_POST['new_singer'] && $_POST['singer_type']) {
						$new_singer 	 = m_htmlchars(stripslashes(trim(urldecode($_POST['new_singer']))));
						$singer_type = $_POST['singer_type'];
						$singer = acp_quick_add_singer($new_singer,$singer_type);
					}
					else {
						$singer 	 = $_POST['singer'];
					}
					$img	=	$_POST['img'];
					$info	=	$_POST['info'];
					$mysql->query("UPDATE ".$tb_prefix."album SET
						album_name			=  	'".$album."',
						album_name_ascii 	= 	'".$album_ascii."',
						album_singer		= 	'".$singer."',
						album_img			= 	'".$img."',
						album_info			=	'".$info."' WHERE album_id = '".$id."'");
					echo "<script language='JavaScript'>{ window.parent.location='?act=album&mode=edit&id=$id' }</script>";
				}
			}
			if(!$mysql->num_rows($query)) {
				die("Album này không có trong data");
			}
		}
include("templates/album.html");
}
if($mode == 'add') {
acp_check_permission('add_album');
	if(isset($_POST['submit'])) {
		$action		=	"?act=album&mode=add";
		$album		 = m_htmlchars(stripslashes(trim(urldecode($_POST['name']))));
		$album_ascii  = strtolower(utf8_to_ascii($album));
		if($_POST['new_singer'] && $_POST['singer_type']) {
			$new_singer 	 = m_htmlchars(stripslashes(trim(urldecode($_POST['new_singer']))));
			$singer_type = $_POST['singer_type'];
			$singer = acp_quick_add_singer($new_singer,$singer_type);
		}
		else {
			$singer 	 = $_POST['singer'];
		}
		$img	=	$_POST['img'];
		$info	=	$_POST['info'];
		$mysql->query("INSERT INTO ".$tb_prefix."album (album_name,album_name_ascii,album_singer,album_img,album_info) 
			 VALUES ('".$album."','".$qlbum_ascii."','".$singer."','".$img."','".$info."')");
			echo "<script language='JavaScript'>{ window.parent.location='?act=list_album' }</script>";
		}
	include("templates/album.html");	
}		
?>